Cyber attacks on .EUS domains decrease by 90% in 2022

The annual cybersecurity report prepared by the PUNTUEUS Foundation has detected 90% fewer cyber-attacks in 2022 compared to 2021, with a total of 29 cases detected last year, compared to 359 in 2021 .

Ensuring the digital security of users is one of the most important tasks of PUNTUEUS. For this purpose, the foundation constantly monitors .EUS domain websites, those under its authority. Thanks to this active surveillance of websites, inappropriate uses, risks and threats are foreseen, and in 2022 they detected such situations in 0.20% of the domains that were registered.

This continuous analysis identifies not only the malicious registries detected, but also the compromised domains. Compromised domains are legitimately registered .EUS domains attacked by a third party. When the compromised domain is identified, the owner of this domain is informed of the attack suffered.

Afterwards, technical assistance is offered to solve the problem, as in most cases those responsible for the web have not been aware of the attack. 19 domains were compromised in 2022, 65% of the total number of analysed cyber attacks.

On the other hand, ‘malicious’ domains are usually websites created with malicious intention, in other words, these are domains suspected of malpractice. The latest analysed and published cybersecurity report states that 4 malicious domains have been detected in 2022.

Innovation and transparency
From this month of March 2023, it’s possible to consult online and in real time the threats that .EUS domains are receiving. This new feature can be viewed on the website of PUNTUEUS through an interactive panel that allows real-time analysis of the types of attacks, the measures adopted for this purpose, the sources of information, etc.

“It is an unprecedented act of transparency and commitment in the global domain sector,” claims PUNTUEUS director Josu Waliño, who explains that for this reason PUNTUEUS “is being invited to present its cybersecurity model in various international forums, such as at the last ICANN75 global meeting, held in Malaysia in September, or at the 5th meeting of the Global Cyber Alliance’s Domain Trust Community, which was held online two weeks ago.

The overall cybersecurity of a domain is becoming more important for websites that choose one domain or another. In this sense, many security systems are starting to block access to websites that use disreputable domains such as .info or .top, among others.

“Reputation is measured by the abuse rate. According to the reference organisation Spamhaus, the abuse rate for .EUS is 0. In other words, “its quality and reputation is optimal, a result that very few domains can achieve”, says Waliño.

The main tool used to detect cases of risk is the Abuse IQ system. In addition, the collaboration agreements signed by PUNTUEUS with the Basque Cybersecurity Center and the Global Cyber Alliance allow us to increase the protection of users in terms of cybersecurity. “Cyber attacks are a globally intensifying problem, but fortunately, in 2022, we have experienced a significant decrease in .EUS domains,” says Waliño. “The decrease is positive, but what is important for us is that all the attacks suffered can be detected and channelled in time. Thanks to the active vigilance of our teamwork, at PUNTUEUS we are prepared to deal at any time with attacks on websites which make up the .EUS community,” concludes Waliño.